Ransomware victim disclosure
← All victimsVandalia Rental
Claimed by Akira · listed 5 days ago
Status timeline
- ListedJul 10, 2026
- Data leakeddate unknown
At a glance
- Group
- Akira
- Status
- Data leaked
- Sector
- Consumer Services
- Listed on leak site
- Jul 10, 2026
About the victim
AI dossier — public-source company profileVandalia Rental is a regional equipment rental company serving the Greater Dayton, Cincinnati, and Northern Kentucky markets since 1961. They provide construction rental equipment and services to businesses of all sizes, government agencies, and municipalities across Ohio, Indiana, and Kentucky, with national sales operations.
- Industry
- Equipment Rental & Leasing
- Founded
- 1961
Attack summary
Severity: critical — Confirmed exfiltration of 40 GB of data including SSNs and personally identifiable information at scale for both employees and clients, triggering regulatory notification obligations under breach notification laws.The Akira group claims to have exfiltrated approximately 40 GB of corporate data, including detailed employee and client personal information (names, SSNs, dates of birth), project files, financial records, client internal information, and contracts.
Data the group says was taken
AI dossier — extracted from the leak post- Employee personal information (SSN, name, DOB)
- Client personal information (SSN, name, DOB)
- Financial records
- Project files
- Client internal information
- Contracts and agreements
What the group claims
Vandalia Rental has served the Greater Dayton and Greater Cincinnati and Northern Kentucky mark ets since 1961. Vandalia Rental proudly services construction rental accounts ranging from smal l businesses to large publicly traded corporations, government agencies, and municipalities thr oughout the Ohio, Indiana, and Kentucky regions, and sales accounts throughout the country. We will upload 40gb of corporate data soon. Detailed employee and client personal information ( SSN numbers, name, DOB and so on), projects files, financials, client internal information, con tracts and agreements and so on.
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

